Re: natd ip redirect confuses Java server behind the firewall.

Fri, 10 Jan 2003 04:00:09 -0800 

# [EMAIL PROTECTED] / 2003-01-09 20:50:52 -0800:
> A bit long...

    indeed :)

> FreeBSD 4.3 running with IPFW and NATD 
> One of the IP addresses is redirected to the apache/tomcat/java server. 
> "redirect_address 10.150.0.24 a.b.c.d" 
> No other fancy proxy stuff or fw rules. 
> 
> Clients on the internal network have no problems with the internal server. 
> Access to the internal server from the Internet works fine except for some java
> calls. 

> I tcpdumped  the inside card of the firewall and can see the point where the
> java server attempts to send a request for information from it's own re-directed
> public IP. It goes like this.
> 
> Internet client: w.x.y.z 
> Firewall public IP: a.b.c.d redirected to the inside java box. 
> inside Java IP: 10.150.0.24 
> 
> Keep in mind I'm sniffing the inside card of the firewall so 'in what little is
> left of my mind' everything is translated already. 
> Client initiates: 
> TO: 10.150.0.24 
> from: w.x.y.z 
> Client gets onto the web pages fine then attempts to run one of the java
> reports. 
> TO: 10.150.0.24 
> from: w.x.y.z 
> 
> The server was then doing it's reflux thing which tried to get further 
> java/url stuff from whatever server the client initiated 
> To: a.b.c.d 
> from: 10.150.0.24 <= Java box attempts to 'reach' it's public IP. 

    "reach its public ip"? 10.150.0.24 is the *private* ip, isn't it?
 
> At this point the client gets an error 'Form not found' 

    what packets does the *client* see? IOW, what goes *out* from the
    outside interface? the packet headers are obviously translated fine,
    but maybe the server sends it its IP in the data?
 
> So, is this really a NATD problem or could it actually be a problem in one of
> the Java server configs ?

    i would think so.

> And if so where do I look, I'm neither an Apache tomcat or java
> expert.

    doesn't look like an apache problem. either tomcat or the java app.
 
-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to